Oct 3, 2007

I had a strange experience with a malware program that caused dozens of Internet Explorer browsers to simultaneously open. Because of the sudden explosion of browsers mushrooming on my display, I could not get all of the URL information beyond "AdsandAds.com", but there were additional components of the URL before and after this piece.

The browsers did not produce any actual ads, but posted a bunch of DNS errors. To get out of this malicious hijacking, I right-clicked on the taskbar icon for Internet Explorer, highlighted "Close Groups," and waited for my laptop to start shutting down IE.

I then opened Task Manager, looked at the current processes, and manually shut off a process I did not recognize. This had a lengthy numeric name that began with "198." I also ran msconfig and turned off all but the most essential Startup functions that I recognized, to prevent the malware from automatically restarting.

After reclaiming control of my machine, I ran my favorite malware/adware programs: SpyBot Search and Destroy and AdAware. Since that time I have not had a return of the browser-spasms, but I cannot find out anything about Adsandads.com beyond a few help-related posts from people frustrated with this hijacker. I would like to manually scan my registry and programs for any suspicious files, but I have yet to discover anything technical on the Web related to AdsandAds.com beyond some information about a monster cable.

The worst part about this piece of evil programming is the browser-mania forced MS-PowerPoint to close on me, eating about two hours worth of lecture prep for a class I am teaching tonight. So thanks, you conniving bastards and your malicious code featuring AdsandAds.com, for stealing two hours worth of my unrecoverable hard work.

It just hit me today too (along with a few other annoyances incl. my Symantec going wacko) and I have no idea why. I've had to unistall Symantec and have wasted the past 2 plus hours running Trend Micros House Call.. I wonder if it's some kind of virus/malware.

The way it has manifested itself on my laptop is ... every time I hit the tab or a website url. I get a search popup that says: The following Website was not found: cpv.adsandads.com

Bloody idiots. They should be all drawn and quartered, in my humble opinion.

I doubt they are innocent victims... but I'm certainly not going to check out their website.

I had the same thing happen to me as well. It pops up every few minutes, I'm on XPSP2. It made copies of many different exe files including one of the Norton files and moved them to /bak folders and replaced the original .exes with virus copies of itself. Almost all the exe files were in my startup through msconfig, though a couple extra were replaced while others were untouched so it may have been targetting commonly used startup files rather than my files themselves - just to try to get yout to run it on each Startup.

None of the tool, anti-spyware, antivirus or anything else seem able to detect it though...